By setting up malicious websites and convincing users to
follow untrusted links or obey very specific drag-and-drop or download
instructions, attackers may leverage the various spoofing issues to
fake other websites to get access to confidential information, push
users to download malicious files or make them interact with their
browser preferences.

The temporary directory issue allows
local attackers to overwrite arbitrary files with the rights of another
local user.

The overflow issues, while not thought to be
exploitable, may allow a malicious downloaded page to execute arbitrary
code with the rights of the user viewing the page.